We have some questions to GoAnywhere MFT related with a third-party Load Balancer. But first of all our entire configuration: We use two MFT-Server in connection with two Gateway-Server. In front of the Gateway-Server we use a F5 Load Balancer. The Load Balancer has two different things to do. SSL offloading (HTTPS to HTTP) and of course load balancing (HTTPS and SFTP).

1. The SSL offloading only works, if we change the tomcat settings (install folder/config/https.xml) to:

2. Is it possible to use the X-Forwarded-For header in GoAnyhwere MFT? And is there an analog possibility for SFTP? Because currently we only see the remote IP Address which is every time the same (the IP of the Load Balancer)

3. Do you have a documentation for using a third-party Load Balancer in front of the Gateway-Server?

Your best option here is to load the certificates into GoAnywhere and let the product handle the encryptions. It does this seamlessly through the program.

I assume you're trying to pass the originating details through the X-Forwarded-For header ... if so, this isn't recognized within GAMFT.

The issue is that you have to have the F5 forward the Originating IP. Normally this is done by SNAT using an iRule.

Normally, we do not provide support for front-end Load Balancers as the product allows for each customer to utilize VIP, LB, Firewalls, etc to route the communication traffic to the Gateway and/or the GAMFT directly. This is all determined by the Customer Installation and their network architecture. We have customers using F5 as well as Netscaler and others that they configured to pass-thru the originating IP, but we do not provide support for those configurations as they could affect other areas besides GAMFT.